#VU109832 Externally Controlled Reference to a Resource in Another Sphere in Schneider Electric products - CVE-2025-2875

Cybersecurity Help s.r.o.

Published: 2025-05-27

Vulnerability identifier: #VU109832

Vulnerability risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-2875

CWE-ID: CWE-610

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Modicon M258
Hardware solutions / Firmware
Modicon LMC058
Hardware solutions / Firmware
Modicon M241
Hardware solutions / Firmware
Modicon M251
Hardware solutions / Firmware

Vendor: Schneider Electric

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to externally controlled reference to a resource in another sphere. A remote attacker can manipulate a controller's webserver URL and gain access to sensitive information on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Modicon M258: All versions

Modicon LMC058: All versions

Modicon M241: before 5.3.12.48

Modicon M251: before 5.3.12.48

External links
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-133-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-133-01.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-08

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in Schneider Electric Modicon Controllers